Vulnerabilities (CVE)

Filtered by vendor Apple Subscribe
Filtered by product Macos
Total 4736 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2025-59489 5 Apple, Google, Linux and 2 more 5 Macos, Android, Linux Kernel and 2 more 2025-10-22 N/A 7.4 HIGH
Unity Runtime before 2025-10-02 on Android, Windows, macOS, and Linux allows argument injection that can result in loading of library code from an unintended location. If an application was built with a version of Unity Editor that had the vulnerable Unity Runtime code, then an adversary may be able to execute code on, and exfiltrate confidential information from, the machine on which that application is running. NOTE: product status is provided for Unity Editor because that is the information available from the Supplier. However, updating Unity Editor typically does not address the effects of the vulnerability; instead, it is necessary to rebuild and redeploy all affected applications.
CVE-2014-8439 4 Adobe, Apple, Linux and 1 more 8 Air, Air Sdk, Air Sdk \& Compiler and 5 more 2025-10-22 10.0 HIGH 8.8 HIGH
Adobe Flash Player before 13.0.0.258 and 14.x and 15.x before 15.0.0.239 on Windows and OS X and before 11.2.202.424 on Linux, Adobe AIR before 15.0.0.293, Adobe AIR SDK before 15.0.0.302, and Adobe AIR SDK & Compiler before 15.0.0.302 allow attackers to execute arbitrary code or cause a denial of service (invalid pointer dereference) via unspecified vectors.
CVE-2014-0497 8 Adobe, Apple, Google and 5 more 14 Flash Player, Mac Os X, Macos and 11 more 2025-10-22 10.0 HIGH 9.8 CRITICAL
Integer underflow in Adobe Flash Player before 11.7.700.261 and 11.8.x through 12.0.x before 12.0.0.44 on Windows and Mac OS X, and before 11.2.202.336 on Linux, allows remote attackers to execute arbitrary code via unspecified vectors.
CVE-2012-2034 8 Adobe, Apple, Google and 5 more 13 Air, Flash Player, Macos and 10 more 2025-10-22 9.3 HIGH 7.5 HIGH
Adobe Flash Player before 10.3.183.20 and 11.x before 11.3.300.257 on Windows and Mac OS X; before 10.3.183.20 and 11.x before 11.2.202.236 on Linux; before 11.1.111.10 on Android 2.x and 3.x; and before 11.1.115.9 on Android 4.x, and Adobe AIR before 3.3.0.3610, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-2037.
CVE-2011-0609 8 Adobe, Apple, Google and 5 more 14 Acrobat, Acrobat Reader, Air and 11 more 2025-10-22 9.3 HIGH 7.8 HIGH
Unspecified vulnerability in Adobe Flash Player 10.2.154.13 and earlier on Windows, Mac OS X, Linux, and Solaris; 10.1.106.16 and earlier on Android; Adobe AIR 2.5.1 and earlier; and Authplay.dll (aka AuthPlayLib.bundle) in Adobe Reader and Acrobat 9.x through 9.4.2 and 10.x through 10.0.1 on Windows and Mac OS X, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted Flash content, as demonstrated by a .swf file embedded in an Excel spreadsheet, and as exploited in the wild in March 2011.
CVE-2010-2883 3 Adobe, Apple, Microsoft 4 Acrobat, Acrobat Reader, Macos and 1 more 2025-10-22 9.3 HIGH 7.3 HIGH
Stack-based buffer overflow in CoolType.dll in Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windows and Mac OS X, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a PDF document with a long field in a Smart INdependent Glyphlets (SING) table in a TTF font, as exploited in the wild in September 2010. NOTE: some of these details are obtained from third party information.
CVE-2023-28206 1 Apple 3 Ipados, Iphone Os, Macos 2025-10-22 N/A 8.6 HIGH
An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in macOS Monterey 12.6.5, iOS 16.4.1 and iPadOS 16.4.1, macOS Ventura 13.3.1, iOS 15.7.5 and iPadOS 15.7.5, macOS Big Sur 11.7.6. An app may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited.
CVE-2023-28205 1 Apple 4 Ipados, Iphone Os, Macos and 1 more 2025-10-22 N/A 8.8 HIGH
A use after free issue was addressed with improved memory management. This issue is fixed in Safari 16.4.1, iOS 15.7.5 and iPadOS 15.7.5, iOS 16.4.1 and iPadOS 16.4.1, macOS Ventura 13.3.1. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.
CVE-2023-23529 1 Apple 4 Ipados, Iphone Os, Macos and 1 more 2025-10-22 N/A 8.8 HIGH
A type confusion issue was addressed with improved checks. This issue is fixed in iOS 15.7.4 and iPadOS 15.7.4, iOS 16.3.1 and iPadOS 16.3.1, macOS Ventura 13.2.1, Safari 16.3. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.
CVE-2023-21608 3 Adobe, Apple, Microsoft 6 Acrobat, Acrobat Dc, Acrobat Reader and 3 more 2025-10-22 N/A 7.8 HIGH
Adobe Acrobat Reader versions 22.003.20282 (and earlier), 22.003.20281 (and earlier) and 20.005.30418 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2022-42856 1 Apple 5 Ipados, Iphone Os, Macos and 2 more 2025-10-22 N/A 8.8 HIGH
A type confusion issue was addressed with improved state handling. This issue is fixed in Safari 16.2, tvOS 16.2, macOS Ventura 13.1, iOS 15.7.2 and iPadOS 15.7.2, iOS 16.1.2. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited against versions of iOS released before iOS 15.1..
CVE-2022-32917 1 Apple 3 Ipados, Iphone Os, Macos 2025-10-22 N/A 7.8 HIGH
The issue was addressed with improved bounds checks. This issue is fixed in macOS Monterey 12.6, iOS 15.7 and iPadOS 15.7, iOS 16, macOS Big Sur 11.7. An application may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited..
CVE-2022-32894 1 Apple 4 Ipados, Iphone Os, Macos and 1 more 2025-10-22 N/A 7.8 HIGH
An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 15.6.1 and iPadOS 15.6.1, macOS Monterey 12.5.1. An application may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited.
CVE-2022-32893 5 Apple, Debian, Fedoraproject and 2 more 8 Ipados, Iphone Os, Macos and 5 more 2025-10-22 N/A 8.8 HIGH
An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 15.6.1 and iPadOS 15.6.1, macOS Monterey 12.5.1, Safari 15.6.1. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.
CVE-2022-2856 5 Apple, Fedoraproject, Google and 2 more 6 Macos, Fedora, Android and 3 more 2025-10-22 N/A 6.5 MEDIUM
Insufficient validation of untrusted input in Intents in Google Chrome on Android prior to 104.0.5112.101 allowed a remote attacker to arbitrarily browse to a malicious website via a crafted HTML page.
CVE-2022-2294 6 Apple, Fedoraproject, Google and 3 more 12 Ipados, Iphone Os, Mac Os X and 9 more 2025-10-22 N/A 8.8 HIGH
Heap buffer overflow in WebRTC in Google Chrome prior to 103.0.5060.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2022-22675 1 Apple 5 Ipados, Iphone Os, Macos and 2 more 2025-10-22 9.3 HIGH 7.8 HIGH
An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in tvOS 15.5, watchOS 8.6, macOS Big Sur 11.6.6, macOS Monterey 12.3.1, iOS 15.4.1 and iPadOS 15.4.1. An application may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited..
CVE-2022-22674 1 Apple 2 Mac Os X, Macos 2025-10-22 4.9 MEDIUM 5.5 MEDIUM
An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed with improved input validation. This issue is fixed in macOS Monterey 12.3.1, Security Update 2022-004 Catalina, macOS Big Sur 11.6.6. A local user may be able to read kernel memory.
CVE-2022-22620 1 Apple 4 Ipados, Iphone Os, Macos and 1 more 2025-10-22 6.8 MEDIUM 8.8 HIGH
A use after free issue was addressed with improved memory management. This issue is fixed in macOS Monterey 12.2.1, iOS 15.3.1 and iPadOS 15.3.1, Safari 15.3 (v. 16612.4.9.1.8 and 15612.4.9.1.8). Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited..
CVE-2022-22587 1 Apple 3 Ipados, Iphone Os, Macos 2025-10-22 10.0 HIGH 9.8 CRITICAL
A memory corruption issue was addressed with improved input validation. This issue is fixed in iOS 15.3 and iPadOS 15.3, macOS Big Sur 11.6.3, macOS Monterey 12.2. A malicious application may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited..